mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
580693f8b9e0e27ba984d83e3e4b4b8a749b8480
meta-openembedded/meta-python/recipes-devtools/python/python3-django
T
History
Soumya Sambu 580693f8b9 python3-django: Fix CVE-2024-38875 
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7.
urlize and urlizetrunc were subject to a potential denial of service attack
via certain inputs with a very large number of brackets.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-38875
https://github.com/advisories/GHSA-qg2p-9jwr-mmqf

Upstream-patch:
https://github.com/django/django/commit/79f368764295df109a37192f6182fb6f361d85b5

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-01-22 19:20:02 -05:00
..
CVE-2023-31047.patch
CVE-2023-36053.patch
python3-django: fix CVE-2023-36053
2023-08-25 10:45:34 -04:00
CVE-2023-41164.patch
python3-django: fix CVE-2023-41164
2023-09-27 10:23:14 -04:00
CVE-2023-43665.patch
python3-django: Fix for CVE-2023-43665 and CVE-2023-46695
2024-01-12 07:14:16 -05:00
CVE-2023-46695.patch
python3-django: Fix for CVE-2023-43665 and CVE-2023-46695
2024-01-12 07:14:16 -05:00
CVE-2024-24680.patch
python3-django: fix CVE-2024-24680
2024-04-28 13:10:23 -04:00
CVE-2024-38875.patch
python3-django: Fix CVE-2024-38875
2025-01-22 19:20:02 -05:00
CVE-2024-42005.patch
python3-django: Fix CVE-2024-42005
2024-08-25 18:12:26 -04:00